Wireshark-dev: [Wireshark-dev] Bug 2.6.4 mac
From: Paul D <[email protected]>
Date: Tue, 30 Oct 2018 16:00:55 +0100
Open large capture which takes wireshark a few seconds to parse, and which contains SIP + RTP (concatenate a local capture with a small example sip capture from the web somewhere if need be) e.g.



Go to telephony voip calls. 

Press play streams, cancel (or escape), play streams again (while wireshark is still reparsing the capture file) and crash. 


=======

Bug 2

Open capture which contains SIP + RTP

Go to telephony voip calls. 

Select all, flow sequence. 

Close flow. 

Press prepare filter (reparse). 

Press flow sequence. All packets doubled in flow. (new flow instance did not clean up memory properly) 


=======

Bug 3 (transient) 


Open capture which contains SIP + RTP

Go to telephony voip calls. 

Select all, flow sequence. 


*** sometimes RTP streams which are present, do not display in the call graph. 

Close flow. 

Press prepare filter (reparse). 

Select all, flow sequence. 

*** RTP streams which are present, now display in the call graph. 

See bug 2

=========

(version info unimportant, bugs consistent across platforms for many versions)

$ wireshark  -v
Wireshark 2.6.4 (v2.6.4-0-g29d48ec8)

License GPLv2+: GNU GPL version 2 or later <http://www.gnu.org/licenses/old-licenses/gpl-2.0.html>
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with Qt 5.3.2, with libpcap, without POSIX capabilities, with
GLib 2.36.0, with zlib 1.2.5, with SMI 0.4.8, with c-ares 1.12.0, with Lua
5.2.4, with GnuTLS 3.4.17, with Gcrypt 1.7.7, with MIT Kerberos, with MaxMind DB
resolver, with nghttp2 1.21.0, with LZ4, with Snappy, with libxml2 2.9.4, with
QtMultimedia, with SBC, with SpanDSP, with bcg729.

Running on Mac OS X 10.14, build 18A391 (Darwin 18.0.0), with Intel(R) Core(TM)
i5-5250U CPU @ 1.60GHz (with SSE4.2), with 8192 MB of physical memory, with
locale C/UTF-8/C/C/C/C, with libpcap version 1.8.1 -- Apple version 79.200.4,
with GnuTLS 3.4.17, with Gcrypt 1.7.7, with zlib 1.2.11, binary plugins
supported (0 loaded).

Built using llvm-gcc 4.2.1 (Based on Apple Inc. build 5658) (LLVM build
2336.9.00).